Ruppersberger: Cybersecurity bill is necessary, will not violate privacy

The Baltimore Sun's editorial, "Fight cyber attacks, not privacy" (May 3) does readers a true disservice by perpetuating several myths about this critical issue.

The Cyber Intelligence Sharing and Protection Act (CISPA) is simple, allowing the American government and businesses to voluntarily share classified information on impending cyber threats before an attack occurs. The editorial clearly describes how China and other countries are robbing America blind, stealing valuable trade secrets and military technology. That's why the House of Representatives, in one of the most bipartisan votes of the past several years, passed CISPA with 92 Democrats joining 196 Republicans voting in favor of it.

We heard the suggestion that a civilian agency lead the exchange of cyber threat information. We agree — that's why a recent amendment puts the Department of Homeland Security at the forefront of the program.

The Sun's piece also suggests the bill enables American companies to "hack back" into an attacker's network if their own cyber networks have been penetrated. This is incorrect. One of 13 privacy-strengthening amendments added to the bill expressly prohibits it.

Finally, the Sun incorrectly suggests that companies will hand over reams of personally identifiable information to the government. Reality proves this isn't true or necessary. The legislation allows companies to share information with the government only if it is related to a cyber attack. In fact, Kevin Mandia, the renowned cyber expert who publicly linked the Chinese military to a series of attacks on U.S. corporations, recently testified before our committee that he has rarely, if ever, seen personal information revealed through information-sharing.

Suggestions the bill will allow the government to review personal emails, Facebook pages and Tweets are simply wrong. CISPA simply authorizes the exchange of technical data, mainly zeros and ones, to help companies protect themselves from these vicious and costly cyber attacks.